ID CVE-2007-1876
Summary VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to "corrupt the virtual machine's register context" by debugging a local program and stepping into a "syscall instruction."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:-:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:-:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:3.2.1:patch1:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:3.2.1:patch1:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:4.0.1_build_5289:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:4.0.1_build_5289:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:4.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:4.5.2_build_8848:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:4.5.2_build_8848:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:5.0.0_build_13124:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:5.0.0_build_13124:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:5.5.0_build_13124:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:5.5.0_build_13124:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:5.5.1_build_19175:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:5.5.1_build_19175:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:5.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:5.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 16-10-2018 - 16:41)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 23732
bugtraq
  • 20070507 VMSA-2007-0004 Multiple Denial-of-Service issues fixed
  • 20070518 VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability
confirm http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554
osvdb 35509
sectrack 1018011
secunia 25079
vupen ADV-2007-1592
xf vmware-windebugging-unspecified(33993)
Last major update 16-10-2018 - 16:41
Published 02-05-2007 - 19:19
Last modified 16-10-2018 - 16:41
Back to Top